GeekMasher's Blog

Building a CodeQL Extractor from Scratch

This is a deep-dive into building a CodeQL Extractor from scratch using Tree-Sitter and Rust...

Series - Building a CodeQL Language from Scratch

A series of posts that will guide you through the process of building CodeQL language support from scratch...

Talk - 'Deep-dive into Containers and How to Secure Them'

Containers are a fundamental building block for modern applications, but they bundle a large amount of third-party code. Identifying what’s inside an image (and which versions) is critical for security. This post summarises a January 2025 presentation at Defcon 44131 covering how containers work, why SCA (Software Composition Analysis) matters, common open-source tooling (Syft/Grype, Trivy, Docker Scout, Clair) and an introduction to Konarr, an SCA platform focused on containers...

Talk - 'Konarr: A Story of Building a Software Composition Analysis Platform' at DC44131

Local Defcon chapter talk on ‘Konarr: A Story of Building a Software Composition Analysis Platform’...

Launching Konarr

Konarr is a new open source project developed as a simple, easy-to-use supply chain monitoring tool for your homelab...